Dirty Butter 722 Posted September 26 Based on the whole layout of the information, I assumed a recent unpaid order was not legitimate and cancelled it. I then disabled the customer, but did not delete it. Today, the same person ordered and paid with PayPal for what appears to be a legitimate order. I was surprised - I thought un-checking the Status entry on the Customers list would keep the customer from being able to login. They did change the delivery address for the order to a USA address. But the default delivery address is still to a country we do not do business with. We have refused orders from re-shippers before trying to send toys to Korea. South Korean businesses have a reputation for buying a toy, copying it, and selling in online stores as the genuine article. Our post master advised against sending toys to them. Should the unchecked customer have been able to login again or is this a bug? Quote Share this post Link to post Share on other sites
havenswift-hosting 178 Posted September 26 Disabling the customer will stop them from logging in again but a possible explanation for this is that the customer never logged out and so still had an active session and so did not actually need to login again. There is a good argument that disabling a customer should automatically terminate any active sessions and many other systems have a way of terminating active login sessions manually as well. Would be worthwhile adding this as a bug / feature request to github and reference this thread Quote Share this post Link to post Share on other sites
Al Brookbanks 178 Posted September 26 We can easily remove the session on disable. Probably worth doing. Quote Share this post Link to post Share on other sites
Dirty Butter 722 Posted September 26 (edited) Good - this person is very upset with me LOL - I refunded payment, and they, in broken English and Korean signature, complained. Edited September 26 by Dirty Butter Quote Share this post Link to post Share on other sites
